That's the document I was referencing, but it doesn't mention using the
clipboard, only files. It seemed to me that passing plain text by the
clipboard to dom0 was going to be more secure than passing a complete
file, so assumed that would be the preferred method. Does such a
mechanism not exist then?
There is a reason. Look for example here:

https://security.stackexchange.com/questions/113627/what-is-the-risk-of-copy-and-pasting-linux-commands-from-a-website-how-can-some
https://unix.stackexchange.com/questions/15101/how-to-avoid-escape-sequence-attacks-in-terminals

better write/copy in a file, check it carefully and transfer then. And check 
again. Many other attacks are possible..

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c3fbe112-3fb8-d9db-3611-a2c4d09034c1%40web.de.

Reply via email to